Security rules not working?

#1

Hello,

I’m using an ARM64-2GB instance and I’m trying to secure it a little bit more!
So I set up inbound rules like this:

Inbound default policy : Drop
Inbound rules:

  • Accept TCP 22
  • Accept TCP/UDP 443
  • Accept TCP/UDP 80
  • Accept TCP/UDP 53

Outbound rules (by default with smtp disabled): Accept

With this setup, I’m not able to reach any site from the server (apt-get, curl or wget). DNS requests seem to be broken:
Message example from apt-get : Failed to fetch http://httpredir.debian.org/debian/dists/buster/InRelease Could not resolve ‘httpredir.debian.org

If I update the setup with “Inbound default policy : Accept”, everything works well…
Did I do something wrong in the setup, or is there a bug?

Thanks for your help,

#2

You can use iptables.
“man iptables”
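
The inbound policy from post #1 expressed as an iptables ruleset, as an added example that is not part of either post: it includes a connection-tracking rule so that replies to the server's own outbound traffic (DNS answers, HTTP responses) are accepted under a default-drop inbound policy. It assumes filtering is done on the host with iptables; the function name `build_rules` and the `print`/`check`/`apply` arguments are made up for this example.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset mirroring the inbound
# rules listed in post #1. Assumption: the host itself filters with iptables.

# Ports as listed in post #1 (22 is TCP only, the rest TCP and UDP).
TCP_PORTS="22 443 80 53"
UDP_PORTS="443 80 53"

build_rules() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"        # inbound default policy: drop
    echo ":FORWARD ACCEPT [0:0]"    # not covered by the post; kernel default
    echo ":OUTPUT ACCEPT [0:0]"     # outbound default policy: accept
    # Local services talking to each other over loopback.
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to connections the server opened itself. A DNS answer arrives
    # from source port 53 to an ephemeral destination port, so a rule on
    # destination port 53 does not match it; connection tracking does.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # New inbound connections to the published services.
    for p in $TCP_PORTS; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $UDP_PORTS; do
        echo "-A INPUT -p udp --dport $p -j ACCEPT"
    done
    echo "COMMIT"
}

# print: show the ruleset; check: parse it without applying (needs root);
# apply: load it (needs root). With no argument nothing is changed.
case "${1:-}" in
    print) build_rules ;;
    check) build_rules | iptables-restore --test ;;
    apply) build_rules | iptables-restore ;;
esac
```

Run `check` before `apply` from a session you can afford to lose, since a mistake in the port 22 rule locks out SSH.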